Vulnerabilities > CVE-2020-10073 - Missing Authorization vulnerability in Gitlab

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
gitlab
CWE-862
NVD
Published: 2020-03-13
Updated: 2021-07-21

Summary

GitLab EE 12.4.2 through 12.8.1 allows Denial of Service. It was internally discovered that a potential denial of service involving permissions checks could impact a project home page.

Vulnerable Configurations

Part Description Count
Application
Gitlab
37

Common Weakness Enumeration (CWE)

References